NCSC project will help UK businesses identify security vulnerabilities
The scripts will be developed and reviewed regularly to target the most pervasive issues in enterprise security


The UK's National Cyber Security Centre (NCSC) has launched the Scanning Made Easy (SME) trial project to help businesses quickly and easily identify security vulnerabilities in their systems.
SME will see various scripts being offered to businesses for free, allowing them to easily identify a range of specific critical vulnerabilities. The aim is to make patching more straightforward for businesses, especially those with fewer cyber security capabilities than larger firms.
The NCSC said it won't be releasing scripts for every single vulnerability but said they will be continually developed and reviewed for security issues that "are consistently causing headaches for system administrators".
The scripts will be written by the NCSC's i100 partners (i100 is an initiative that promotes collaboration between the NCSC and outside industry talent) and will conform to the cyber organisation's SME developer guidelines, which define what a script is able to do and how it verifies a vulnerability.
"It is important that anyone running the scripts knows what they do," the NCSC said.
Each script will be written using the Nmap Scripting Engine (NSE), one of Nmap's most powerful features, which lets developers easily create and share scripts that automate a variety of networking tasks in the industry-standard network mapping tool.
"When a software vulnerability is disclosed, it is often easier to find proof-of-concept code to exploit it, than it is to find tools that will help defend your network," the NCSC said. "To make matters worse, even when there is a scanning script available, it can be difficult to know if it is safe to run, let alone whether it returns valid scan results.
"SME was born out of our frustration with this problem and our desire to help network defenders find vulnerable systems, so they can protect them."
The first script SME has released is for Exim message transfer agent (MTA) remote code execution (RCE) vulnerabilities, sometimes known as '21Nails' or otherwise tracked as CVE-2020-28017 through CVE-2020-28026.
Businesses can download the script via GitHub and are advised to run the script regardless of whether they think they have Exim MTA - "you might be surprised by what you find installed on your network," it said. Once it has run, the script will display easy-to-read results, a description of the vulnerability, and a link to the appropriate vendor's security advisory.
Businesses are also encouraged to build their own scripts, in accordance with the NCSC's SME developer guidelines, and submit them to the cyber organisation for review to expand the program further.

Connor Jones has been at the forefront of global cyber security news coverage for the past few years, breaking developments on major stories such as LockBit’s ransomware attack on Royal Mail International, and many others. He has also made sporadic appearances on the ITPro Podcast discussing topics from home desk setups all the way to hacking systems using prosthetic limbs. He has a master’s degree in Magazine Journalism from the University of Sheffield, and has previously written for the likes of Red Bull Esports and UNILAD tech during his career that started in 2015.